Higher Education Strategy Associates Inc. (the “Company”), the legal entity behind the Canadian Education Project and the MyCanEd panel, is committed to maintaining the security, confidentiality and privacy of its respondents’/participants’ personal information. Any time you participate as a respondent/participant in one of our surveys, you can be assured that your individual responses will be kept confidential and never linked to your personal identifying information without your express permission. This Policy documents our ongoing commitment and has been developed in compliance with applicable privacy legislation.
Scope of Policy
The Policy applies to all personal information about individuals collected by the Company from time to time by means of the Company’s website and by means of telephone interviews.
From time to time changes to the Policy may be made and these changes will be incorporated without notice into a revised Policy which will be posted at http://www.higheredstrategy.com/PrivacyPolicy. Refer to this link in order to ensure that you will always have the most current information with respect to our privacy practices.
What is Personal Information?
“Personal information” is information about an identifiable individual but does not include business contact information such as the name, title, business address or telephone number of an employee of an organization. It also does not include information that cannot be associated with a specific individual, or information that is available in the public domain.
Collection, Use and Disclosure of Personal Information
The cornerstones of the Policy are that we will only collect personal information from you that is necessary for our legitimate purposes, that we will only use this information in ways that have been clearly communicated to you (or which should be obvious from the manner in which the information was requested) and that we will safeguard your personal information while it is in our possession and not retain it for longer than necessary.
We ascribe to ten privacy principles to ensure that your personal information is protected:
The Company is responsible for personal information under its control. Ryan Dunn (“Privacy Officer”) is our designated Privacy Officer who is responsible for the Company’s compliance with the policy.
2. Identifying Purposes
Upon or before collecting information, the Company will state the purpose of collection, unless the purpose is obvious, and will provide, on request, contact information for the Privacy Officer who can answer questions about the collection. Before using or disclosing personal information for a purpose not previously identified, the Company will identify the new purpose and obtain your consent unless the use or disclosure is authorized or required by law.
Except as set out below, the Company does not collect personal information other than personal information which is voluntarily provided. We collect, use and disclose your voluntarily-provided personal information for the following purposes:
- to conduct quantitative and/or qualitative marketing and social research;
- to analyze participants’ responses and opinions, and to share such analysis and reports with our clients, although the results that we share with our clients will not include personally identifying information;
- to analyze participants’ opinions to determine suitability for further marketing and social research;
- to conduct future surveys, by providing email notification of when new online surveys are being conducted;
- to communicate with you on a monthly basis by way of our monthly electronic newsletters and/or mailings;
- to inform you that you may be a potential winner of one of our draws; and
to comply with legal and regulatory requirements.
The above collections, uses and disclosures are a reasonably necessary part of your relationship with the Company. When the Company provides its clients with the respondents’ results of a particular survey, it does so in aggregate form. As such, it is impossible to identify an individual respondent’s personal information. There may be exceptional cases when individuals’ responses to a particular survey are provided to the Company’s clients; when this is provided, all information that could be used to identify an individual respondent is removed by the Company prior to disclosure.
The Company does not sell or trade your personal information with other persons or organizations, except to organizations affiliated with Company including the Company’s clients. For instance, the Company may disclose some of your personal information to individuals or organizations with whom we have contracts; however, this will never include your name, address, phone number or email, or other information that could reveal your identity or that can be used to get in contact with you. Nevertheless, the Company may be required by law to disclose your personal information, for example to comply with valid legal processes such as a subpoena or court order. The Company may also need to disclose your personal information in order to protect its legal rights or property, or where failure to disclose your personal information may put the safety of another individual at risk.
Upon request by email (to this email address: email@example.com) the Company will do its best to provide further explanation of the specific purposes for which your personal information will be used for any particular survey.
If you have provided personal information and wish to have it removed from our system at any time, please contact our Privacy Officer.
Participation by respondents in research is always voluntary. By providing personal information to us, including by agreeing to join a panel or by participating in a survey, you agree that the Company may collect, use and disclose such personal information as set out in the Policy and as otherwise permitted or required by law. The Company may collect, use or disclose personal information without your knowledge or consent where:
the personal information is publicly available from a public source, such as a telephone directory;
we are obtaining legal advice; and
we reasonably expect that obtaining consent would compromise an investigation or proceeding.
Your consent can be express, implied or given through an authorized representative such as a lawyer, agent or broker. Consent may be provided orally, in writing, electronically, by negative option or otherwise.
You may withdraw consent at any time, subject to legal or contractual restrictions, and provided that you give us reasonable notice of withdrawal of your consent. On receipt of notice of withdrawal of consent, we will inform you of the likely consequences of your withdrawal of consent.
When providing the Company with consent, or when revoking your consent, please do so by way of communication with the Privacy Officer via email at firstname.lastname@example.org.
4. Limiting Collection
We will limit our collection of personal information to that which is reasonable and necessary to provide our services or as authorized by law. The Company will collect personal information only by fair and lawful means.
5. Limiting Use, Disclosure and Retention
Your personal information will only be used or disclosed for the purposes consented to by you, and/or as authorized by law.
We do not trade or sell personal information, except in accordance with this Policy.
Personal information will be retained only as long as it is necessary to fulfill the purposes for which it is collected or to comply with our legal obligations. We will destroy, erase or make anonymous documents or other records containing personal information as soon as it is reasonable to assume that the original purpose is no longer being served by retention of the information and retention is no longer necessary for legal or business purposes. We will take due care when destroying personal information so as to prevent unauthorized access to the information.
The Company will make reasonable efforts to ensure that the personal information we collect, use or disclose is accurate and complete. In most cases, we rely on you to ensure that certain information is current, complete and accurate.
If you demonstrate the inaccuracy or incompleteness of your personal information, we will amend the information as required. If appropriate, we will send the amended information to third parties to whom the information has been disclosed.
When a challenge regarding the accuracy of personal information is not resolved to your satisfaction, we will annotate the personal information in our possession with a note that correction was requested but not made.
We protect the personal information in our custody or control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.
We will take reasonable steps, through contractual or other reasonable means, to ensure that a comparable level of personal information protection is implemented by the suppliers and agents who assist in providing services to us. Some specific safeguards include:
- physical measures such as locked filing cabinets;
- organizational measures such as restricting employee access to files and databases as appropriate;
- electronic measures such as passwords, encryption, and firewalls; and
- investigative measures where the Company has reasonable grounds to believe that personal information is being inappropriately collected, used or disclosed.
Note that despite best practices and the Company’s best efforts, confidentiality and security may not be assured when information is transmitted through e-mail or other wireless communication. Please notify the Company’s Privacy Officer in writing if you do not want the Company to communicate with you through these means.
The Company is open about its privacy policies and procedures used to protect your personal information. Information about these policies and procedures can be obtained from our office by written request to the Company Privacy Officer. We reserve the right to refuse to disclose sensitive information about our policies and procedures to ensure the integrity of our security procedures.
9. Individual Access
You have the right to access your personal information held by the Company.
Upon written request and authentication of identity, we will provide you with a summary of your personal information in our possession, a description of the way in which that information is being used, and a list of the individuals and organizations to whom that information has been disclosed.
We may charge a reasonable fee for providing information in response to an access request and will provide an estimate of any such fee upon receiving an access to information request. We may require a deposit for all or part of the fee.
We will make the information available within 30 days or provide written notice where additional time is required to fulfill the request.
In some situations, we may not be able to provide access to certain personal information. This may be the case where, for example, disclosure would reveal personal information about another individual, or disclosure of the information would reveal confidential commercial information that, if disclosed, could harm the competitive position of the Company. The Company may also be prevented by law from providing access to certain personal information.
Where an access request is refused, we will notify you in writing, document the reasons for refusal and outline further steps which are available to you.
10. Challenging Compliance
The Company will, on request, provide information about complaint procedures. Any inquiries, complaints, or questions regarding the Policy should be directed in writing to the Company’s Privacy Officer at:
Name: Alex Usher
Mail: 400-460 Richmond St. W, Toronto, Ontario, M5V 1Y1